Lucene search
K

7 matches found

NVD
NVD
added 2026/05/08 7:16 a.m.13 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

9.8CVSS0.01549EPSS
Exploits4References6
NVD
NVD
added 2026/05/08 7:16 a.m.33 views

CVE-2025-67886

Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged...

6.3CVSS0.01028EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.8 views

CVE-2019-11344

data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked...

9.8CVSS8.1AI score0.03574EPSS
Exploits1References1
NVD
NVD
added 2019/04/19 7:29 p.m.20 views

CVE-2019-11344

data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked...

9.8CVSS9.7AI score0.03574EPSS
Exploits1References1
OSV
OSV
added 2019/04/19 7:29 p.m.19 views

CVE-2019-11344

data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked...

9.8CVSS8AI score
Exploits0References1
Prion
Prion
added 2017/05/31 4:29 a.m.15 views

Design/Logic Flaw

PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file...

6.5CVSS8.5AI score0.0128EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/05/31 4:29 a.m.15 views

CVE-2017-8402

PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file...

8.8CVSS8.7AI score0.0128EPSS
Exploits0References1
Rows per page
Query Builder